
FireFox calling home?

I just happened to be running Wireshark doing some other stuff and noticed a very short SSL exchange happen. I had Firefox open, but only on a couple of regular http pages. Any ideas? I didn't think Mozilla was into this kind of secret phoning home, it seems more of an M$ trick. Here are some excerpts from the reassembled convo (with human readable extracts and snips) -- but it's just mostly the SSL cert and encryption setup stuff, nothing to indicate what it's really doing...

Obviously I don't know what all that means other than that FF was establishing a secure link with the mothership.

As far as I am aware XRamp Security Services Inc. are reputable suppliers of secure communications technology and are accepted by the likes of Visa, Amex and so on.

If you let it, FF will do one or most of these:

1. Check for updates to FF
2. Check for updates to plugins to FF
3. Warn you that an update is available
4. Automatically update

I would suggest that you look at <Tools> <Options> <Updates> and see what your settings are.

If that happened this morning (GMT) then FF did do an update on my machine.

If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?

yep

...that's what I was leading to -- an update, or a certificate update. Just wondering if anyone had any insight on anything *else* that may be going on. If it were Internet Exploder, I'd immediately think malicious, with Mozilla, I'm thinking practical (and giving the benefit of the doubt)...

nihil is right. FF checks for updates rather regularly. Several times a day (Don't know the actual number) but when it does that it checks for updates for anything else like plugins etc. If you have ThunderBird, you will probably notice the same thing going on to pretty much the same internet addresses.

I believe in making the world safe for our children, but not our children's children, because I don't think children should be having sex. -- Jack Handey

Shame, shame and triple shame on you d34dl0k1 !!!. You actually only got a half of it there

Open source, closed source............... it really doesn't matter.......... both are equally crap.

What I didn't bother to mention was "what are the motives of FF to do such a thing............err like what benefits would they gain?"

To get a reasonable chance of a conviction you have to demonstrate:

1. Ability to commit the crime
2. Presence (or at least lack of alibi)
3. Motive to commit said crime

It is on #3 that the case fails miserably?

Incidentally, don't get seduced by open source............... I could provide many open sources....... and you wouldn't even know what language they were in? They are not "audited" by jealous "wannabees", unlike closed source applications....... mainly because such information is of no commercial value.


I get the feeling that there is something of a generation gap (or three!) between us?

I come from a generation when you actually got the source (if you wanted it) of COTS products. So, these packages would be "closed source" in today's nomenclature because they are proprietary COTS?

I am referring to stuff like IBM's "MAAPICS" and the like, and I am talking about applications, NOT operating systems.

Now, you needed the source for systems integration and interfacing your own grown applications (typically, reporting and statistics).

What you did not do, is mess with the source (that made your application unsupportable under the terms of your EULA)............hence my use of the expression "seduce". Because there is a temptation to make amendments to the sources of today's "open source" applications. In fact you are encouraged to do so?

I take your point that the "vanilla" version of an open source application is unlikely to contain anything underhand, because it can be examined, and will have been subjected to an independent peer review.

My approach was that the provider (Mozilla) has no motivation to do such a thing anyway. My advice would be that people should just be sure to get their open source applications from the developers' or other trusted website.

Mainstream open source code will be scrutinised, but the compiled executable on http:/narstyhakzncrakz.biz will not have been. And the source could well have been amended to produce that compilation.
